<?
//include script to do user logins
include("login/authincludesessions.php");
?>

<html>

<?

include("header.php");

?>

<div id="leftpane">
<h1>Safreenet Usermap 0.2</h1>

<?
//include script to do user logins
include("login/authincludemain.php");
?>

<?php

//include db access
include("includes/auth.php");
include("includes/dbconnect.php");

//get variable from url
$uid= $_GET['uid'];
$ulat= $_GET['ulat'];
$ulong= $_GET['ulong'];
$uname= $_GET['uname'];
$uownerid =  $_GET['uownerid'];
$ustatus =  $_GET['ustatus'];
$udescription =  $_GET['udescription'];
$uaddress =  $_GET['uaddress'];
$uurl =  $_GET['uurl'];

//Round off input numbers as stored in MySQL to 6 decimal places
//anyway, so need to make same for comparisons later
$ulat = round($ulat,6);
$ulong = round($ulong,6);

//set error found variable to false to begin with
$error_found=false;

//Do some fancy coding to check if co-ords are out of SA range, so we
//don't get nodes added for Finland

$salat_min = -39;
$salat_max = -25;
$salong_min = 125;
$salong_max = 142;

if(($ulat< $salat_min || $ulat > $salat_max) || ($ulong < $salong_min || $ulong > $salong_max) || $uname=='')
      {
 	     //print what the problem was
	      if($ulat<$salat_min) echo ("Latitude too small ($ulat), needs to be > $salat_min<br>");
     		 if($ulat>$salat_max) echo ("Latitude too large ($ulat), needs to be < $salat_max<br>");
    		  if($ulong<$salong_min) echo ("Longitude too small ($ulong), needs to be > $salong_min<br>");
    		  if($ulong>$salong_max) echo ("Longitude too large ($ulong), needs to be < $salong_max<br>");
    		  if($uname=='') echo ("Please insert a username<br>");
     
		 echo("<b>Data not entered into database</b><p>");
      }


      //fetch data from database
      $result = mysql_query("SELECT * FROM nodes where id='$uid'",$link);
      if (!$result)
      {
              echo "no results ";
      }

      $row = mysql_fetch_array($result);

//check that current logged in user owns this node
if($session->username == $row['ownerid'])
{
}
else
{
	//set flag so don't save data
	$error_found=true;
	//give error message
	echo("Error: you do not own this node!<p>");
}


if(!$error_found)
{

//update database
      mysql_query("UPDATE nodes SET name = '$uname', lat =
'$ulat', lon = '$ulong', ownerid = '$uownerid', status = '$ustatus',
about = '$uabout', address = '$uaddress', url = '$uurl' WHERE id =
'$uid';")
      or die(mysql_error());

      //And echo back inserted data
      echo ("The following changes were made for node " . $uid. ":
<br>" . "\n");

      if($row['name'] != $uname) echo 'Name: ' . $uname . '<br>' . "\n";
      if($row['lat'] != $ulat) echo 'Latitude: ' . $ulat . '<br>' . "\n";
      if($row['lon'] != $ulong) echo 'Longitude: ' . $ulong . '<br>' . "\n";
      if($row['ownerid'] != $uownerid) echo 'Ownerid: ' . $uownerid . '<br>' . "\n";
      if($row['status'] != $ustatus) echo 'Status: ' . $ustatus .'<br>' . "\n"; 
      if($row['about'] != $uabout) echo 'About: ' . $uabout . '<br>' . "\n";
      if($row['address'] != $uaddress) echo 'Address: ' . $uaddress . '<br>' . "\n";
      if($row['url'] != $uurl) echo 'Url: ' . $uurl . '<br>' . "\n";

}
else
{
	echo ("No update made");

}


//close off database connection
mysql_close($link);

echo("<p></p><a href=\"index.php\">
Return to Map</a>");

?>